This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-phpbb-13.0-wheezy-amd64.iso.sig gpg: Signature made Tue Oct 15 16:05:12 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum c3a91e3606ed9274d3929191d16b547fe9e8430b * md5sum 0e3cb5c649bb63908eabc5e51298a27c You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXWewAAoJEIXCXpWhbrlN1yUIAK1jZjt+reHBoYnBfLOrEotL ci27fvODBbvgAJ7OSfiHsk5nbPKqQuSPBClSKC13Pl45FGAo9iIKH/TjfmhCuI0u U8fbWVwB71g+TRvwfyAMX5KqDhvA5BB5BaoMTQ0OxTtoWwcurdm41FAsiO1O3eBb LsYt2bPTugisFnWrJCVS++FFBtkAQLIX2NkZL42Xm8cOmySAzyYLfhIiDUizgR12 FzW1KUaah64KDRBv02AdRb4SWq76deDv7rtlC4PoH/2YjOZnmhRILacH/7OpubkA Baw51S9PCAT0OGDhlrlNFt/OotXrIbVRKKNTt5/QhbMP9+p/UwgtO1hu+2AvuX4= =/G9w -----END PGP SIGNATURE-----